5589 matches found

OSV
added 2019/07/02 8:15 p.m. · 1 views

CVE-2019-10975

An out-of-bounds read vulnerability has been identified in Fuji Electric Alpha7 PC Loader Versions 1.1 and prior, which may crash the system...

6.6 CVSS · 6.5 AI score · 0.00593 EPSS
Exploits 0 · References 4
Prion
added 2019/07/02 8:15 p.m. · 15 views

Cross site scripting

An out-of-bounds read vulnerability has been identified in Fuji Electric Alpha7 PC Loader Versions 1.1 and prior, which may crash the system...

3.3 CVSS · 6.4 AI score · 0.00593 EPSS
Exploits 0 · References 4 · Affected Software 1
CVE
added 2019/07/02 7:15 p.m. · 178 views

CVE-2019-10975

CVE-2019-10975 is an out-of-bounds read vulnerability in Fuji Electric Alpha7 PC Loader, affecting Versions 1.1 and prior. The issue may cause a system crash. The ZDI advisory describes a read-past-the-end in A7P file parsing, with exploitation depending on user interaction; ICS-CERT notes the ...

6.6 CVSS · 6.3 AI score · 0.00593 EPSS
Exploits 0 · References 4 · Affected Software 1
Cvelist
added 2019/07/02 7:15 p.m. · 26 views

CVE-2019-10975

An out-of-bounds read vulnerability has been identified in Fuji Electric Alpha7 PC Loader Versions 1.1 and prior, which may crash the system...

6.4 AI score · 0.00593 EPSS
Exploits 0 · References 4
Talos Blog
added 2019/07/02 3:56 p.m. · 423 views

RATs and stealers rush through “Heaven’s Gate” with new loader

By Holger Unterbrink and Edmund Brumaghin. Executive summary: Malware is constantly finding new ways to avoid detection. This doesn't mean that some will never be detected, but it does allow adversaries to increase the period of time between initial release and detection. Flying under the radar fo...

9.3 CVSS · 8.2 AI score · 0.99945 EPSS
Exploits 33
RedHat Linux
added 2019/06/26 9:09 a.m. · 0 views

jenkins-plugin-workflow-remote-loader: Unsafe Script Security whitelist entry in Pipeline Remote Loader Plugin (SECURITY-921)

A flaw was found in the Jenkins Workflow Remote Loader plugin. An unsafe whitelist entry was made that allowed invoking arbitrary methods and bypassing sandbox protection. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

9.9 CVSS · 6.7 AI score · 0.01922 EPSS
Exploits 0 · References 5
BDU FSTEC
added 2019/06/06 12:00 a.m. · 3 views

A vulnerability in the Intel Dynamic Application Loader subsystem of the Intel Converged Security and Manageability Engine allows an attacker to escalate their privileges.

The vulnerability in the Intel Dynamic Application Loader (DAL) subsystem of the Intel Converged Security and Manageability Engine (CSME) is related to buffer overflow attacks. Exploiting this vulnerability can allow an attacker to escalate their privileges remotely...

8.2 CVSS · 7.1 AI score · 0.00413 EPSS
Exploits 0 · References 2 · Affected Software 1
BDU FSTEC
added 2019/06/06 12:00 a.m. · 3 views

A vulnerability in the Dynamic Application Loader component of the Intel Converged Security and Manageability Engine and the Intel Trusted Execution Engine allows attackers to escalate their privileges.

The vulnerability in the Dynamic Application Loader component of the Intel Converged Security and Manageability Engine and the Intel Trusted Execution Engine is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to escalate their privileges...

7.8 CVSS · 7.2 AI score · 0.00358 EPSS
Exploits 0 · References 3 · Affected Software 2
NVD
added 2019/05/31 3:29 p.m. · 32 views

CVE-2019-10328

Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...

9.9 CVSS · 9.6 AI score · 0.01922 EPSS
Exploits 0 · References 5
Prion
added 2019/05/31 3:29 p.m. · 23 views

Code injection

Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...

6.5 CVSS · 9.5 AI score · 0.01922 EPSS
Exploits 0 · References 5 · Affected Software 1
OSV
added 2019/05/31 3:29 p.m. · 22 views

CVE-2019-10328

Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...

9.9 CVSS · 6.9 AI score
Exploits 0 · References 5
CVE
added 2019/05/31 2:20 p.m. · 266 views

CVE-2019-10328

CVE-2019-10328 affects Jenkins Pipeline Remote Loader Plugin (before 1.5). An unsafe Script Security whitelist entry allowed attackers to invoke arbitrary methods, bypassing sandbox protection and impacting confidentiality, integrity, and availability. Public references in Red Hat advisory RHSA-2...

9.9 CVSS · 9.4 AI score · 0.01922 EPSS
Exploits 0 · References 5 · Affected Software 1
Cvelist
added 2019/05/31 2:20 p.m. · 43 views

CVE-2019-10328

Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection...

9.7 AI score · 0.01922 EPSS
Exploits 0 · References 5
Positive Technologies
added 2019/05/31 12:00 a.m. · 3 views

PT-2019-2637 · Jenkins · Jenkins Pipeline Remote Loader Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Remote Loader Plugin versions 1.4 and earlier. Description: The issue is related to the custom whitelist for script security in the Jenkins Pipeline Remote Loader Plugin, which allowed attackers to invoke arbitrary methods and...

9.9 CVSS · 6.8 AI score · 0.01922 EPSS
Exploits 0 · References 11
Zero Day Initiative
added 2019/05/29 12:00 a.m. · 20 views

Fuji Electric Alpha7 PC Loader A7P File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Fuji Electric Alpha7. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3 CVSS · 2.4 AI score · 0.00593 EPSS
Exploits 0 · References 1
CNVD
added 2019/05/22 12:00 a.m. · 1 views

Intel Dynamic Application Loader Buffer Overflow Vulnerability

Intel Dynamic Application Loader (DAL) is a dynamic application loader from Intel Corporation USA. It supports running Java code on CSME firmware. A buffer overflow vulnerability exists in the subsystem in Intel DAL versions prior to 12.0.35. The vulnerability stems from a networked system or produ...

6.7 CVSS · 7.5 AI score · 0.00413 EPSS
Exploits 0 · References 1
OSV
added 2019/05/20 5:29 p.m. · 1 views

ALPINE-CVE-2019-12218

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c...

6.5 CVSS · 7 AI score · 0.01957 EPSS
Exploits 1 · References 1
OSV
added 2019/05/20 5:29 p.m. · 0 views

DEBIAN-CVE-2019-12218

An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function IMG_LoadPCX_RW at IMG_pcx.c...

6.5 CVSS · 7 AI score · 0.01957 EPSS
Exploits 1 · References 1
Snyk
added 2019/05/20 5:29 p.m. · 1 views

NULL Pointer Dereference

Overview: Affected versions of this package are vulnerable to NULL Pointer Dereference. An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) 2.0.9 when used in conjunction with libSDL2_image.a in SDL2_image 2.0.4. There is a NULL pointer dereference in the SDL2_image function...

6.5 CVSS · 6.9 AI score · 0.01957 EPSS
Exploits 1 · References 2
CNVD
added 2019/05/20 12:00 a.m. · 4 views

Simple DirectMedia Layer Code Issue Vulnerability

Simple DirectMedia Layer (SDL) is a multi-platform library for accessing low-level hardware and graphics and providing support for games, software and emulators. A code issue vulnerability exists in the libSDL2.a file in SDL version 2.0.9. The vulnerability arises from an improperly designed or...

6.5 CVSS · 7.2 AI score · 0.01957 EPSS
Exploits 1 · References 1